caddy: Add file-server capabilities

2026-01-21 12:51:34 +01:00 · 2025-11-08 22:11:45 +01:00 · 2025-11-08 22:11:45 +01:00 · dfeb11dfbd
commit dfeb11dfbd
parent 8c138d274f
1 changed files with 25 additions and 6 deletions
--- a/modules/system/services/caddy.nix
+++ b/modules/system/services/caddy.nix
@ -20,13 +20,23 @@ let
  ];

  mkVirtualHost =
-    { domain, port, ... }:
+    {
+      domain,
+      port,
+      files,
+      ...
+    }:
    lib.nameValuePair domain {
      logFormat = "output file ${config.services.caddy.logDir}/${domain}.log { mode 640 }";
-      extraConfig = ''
-        ${lib.optionalString (lib'.isTailscaleDomain domain) "bind tailscale/${lib'.subdomainOf domain}"}
-        reverse_proxy localhost:${toString port}
-      '';
+      extraConfig = lib.concatLines [
+        (lib.optionalString (lib'.isTailscaleDomain domain) "bind tailscale/${lib'.subdomainOf domain}")
+        (lib.optionalString (port != null) "reverse_proxy localhost:${toString port}")
+        (lib.optionalString (files != null) ''
+          root * ${files}
+          encode
+          file_server
+        '')
+      ];
    };
 in
 {
@ -49,7 +59,11 @@ in
                default = name;
              };
              port = lib.mkOption {
-                type = lib.types.port;
+                type = lib.types.nullOr lib.types.port;
+                default = null;
+              };
+              files = lib.mkOption {
+                type = lib.types.nullOr lib.types.path;
                default = null;
              };
            };
@ -63,6 +77,11 @@ in
  config = lib.mkIf (virtualHosts != [ ]) (
    lib.mkMerge [
      {
+        assertions = lib.singleton {
+          assertion = virtualHosts |> lib.all ({ port, files, ... }: lib.xor (port != null) (files != null));
+          message = "Each caddy virtual host must set exactly one of `port` or `files`";
+        };
+
        meta.ports.tcp.list = [ cfg.metricsPort ];

        services.caddy = {